<?xml version="1.0"?>
<doc>
    <assembly>
        <name>DotNetOpenAuth.OpenId.RelyingParty</name>
    </assembly>
    <members>
        <member name="T:DotNetOpenAuth.OpenId.Interop.IOpenIdRelyingParty">
            <summary>
            The COM interface describing the DotNetOpenAuth functionality available to
            COM client OpenID relying parties.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.IOpenIdRelyingParty.CreateRequest(System.String,System.String,System.String)">
            <summary>
            Creates an authentication request to verify that a user controls
            some given Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <param name="realm">
            The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.
            </param>
            <param name="returnToUrl">
            The URL of the login page, or the page prepared to receive authentication 
            responses from the OpenID Provider.
            </param>
            <returns>
            An authentication request object that describes the HTTP response to
            send to the user agent to initiate the authentication.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if no OpenID endpoint could be found.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.IOpenIdRelyingParty.CreateRequestWithSimpleRegistration(System.String,System.String,System.String,System.String,System.String)">
            <summary>
            Creates an authentication request to verify that a user controls
            some given Identifier.
            </summary>
            <param name="userSuppliedIdentifier">The Identifier supplied by the user.  This may be a URL, an XRI or i-name.</param>
            <param name="realm">The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.</param>
            <param name="returnToUrl">The URL of the login page, or the page prepared to receive authentication
            responses from the OpenID Provider.</param>
            <param name="optionalSreg">A comma-delimited list of simple registration fields to request as optional.</param>
            <param name="requiredSreg">A comma-delimited list of simple registration fields to request as required.</param>
            <returns>
            An authentication request object that describes the HTTP response to
            send to the user agent to initiate the authentication.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if no OpenID endpoint could be found.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.IOpenIdRelyingParty.ProcessAuthentication(System.String,System.String)">
            <summary>
            Gets the result of a user agent's visit to his OpenId provider in an
            authentication attempt.  Null if no response is available.
            </summary>
            <param name="url">The incoming request URL .</param>
            <param name="form">The form data that may have been included in the case of a POST request.</param>
            <returns>The Provider's response to a previous authentication request, or null if no response is present.</returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform">
            <summary>
            An Attribute Exchange and Simple Registration filter to make all incoming attribute 
            requests look like Simple Registration requests, and to convert the response
            to the originally requested extension and format.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyBehavior#ApplySecuritySettings(DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings)">
            <summary>
            Applies a well known set of security requirements to a default set of security settings.
            </summary>
            <param name="securitySettings">The security settings to enhance with the requirements of this profile.</param>
            <remarks>
            Care should be taken to never decrease security when applying a profile.
            Profiles should only enhance security requirements to avoid being
            incompatible with each other.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyBehavior#OnOutgoingAuthenticationRequest(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest)">
            <summary>
            Called when an authentication request is about to be sent.
            </summary>
            <param name="request">The request.</param>
            <remarks>
            Implementations should be prepared to be called multiple times on the same outgoing message
            without malfunctioning.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyBehavior#OnIncomingPositiveAssertion(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse)">
            <summary>
            Called when an incoming positive assertion is received.
            </summary>
            <param name="assertion">The positive assertion.</param>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile">
            <summary>
            Implements the Identity, Credential, &amp; Access Management (ICAM) OpenID 2.0 Profile
            for the General Services Administration (GSA).
            </summary>
            <remarks>
            <para>Relying parties that include this profile are always held to the terms required by the profile,
            but Providers are only affected by the special behaviors of the profile when the RP specifically
            indicates that they want to use this profile. </para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyBehavior#ApplySecuritySettings(DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings)">
            <summary>
            Applies a well known set of security requirements.
            </summary>
            <param name="securitySettings">The security settings to enhance with the requirements of this profile.</param>
            <remarks>
            Care should be taken to never decrease security when applying a profile.
            Profiles should only enhance security requirements to avoid being
            incompatible with each other.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyBehavior#OnOutgoingAuthenticationRequest(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest)">
            <summary>
            Called when an authentication request is about to be sent.
            </summary>
            <param name="request">The request.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyBehavior#OnIncomingPositiveAssertion(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse)">
            <summary>
            Called when an incoming positive assertion is received.
            </summary>
            <param name="assertion">The positive assertion.</param>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElementRelyingParty">
            <summary>
            The OpenID binding element responsible for reading/writing OpenID extensions
            at the Relying Party.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElementRelyingParty.relyingPartySecuritySettings">
            <summary>
            The security settings that apply to this relying party, if it is a relying party.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElementRelyingParty.#ctor(DotNetOpenAuth.OpenId.ChannelElements.IOpenIdExtensionFactory,DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElementRelyingParty"/> class.
            </summary>
            <param name="extensionFactory">The extension factory.</param>
            <param name="securitySettings">The security settings.</param>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel">
            <summary>
            The messaging channel for OpenID relying parties.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel.#ctor(DotNetOpenAuth.Messaging.Bindings.ICryptoKeyStore,DotNetOpenAuth.Messaging.Bindings.INonceStore,DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel"/> class.
            </summary>
            <param name="cryptoKeyStore">The association store to use.</param>
            <param name="nonceStore">The nonce store to use.</param>
            <param name="securitySettings">The security settings to apply.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel.#ctor(DotNetOpenAuth.Messaging.Bindings.ICryptoKeyStore,DotNetOpenAuth.Messaging.Bindings.INonceStore,DotNetOpenAuth.Messaging.IMessageFactory,DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings,System.Boolean)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel"/> class.
            </summary>
            <param name="cryptoKeyStore">The association store to use.</param>
            <param name="nonceStore">The nonce store to use.</param>
            <param name="messageTypeProvider">An object that knows how to distinguish the various OpenID message types for deserialization purposes.</param>
            <param name="securitySettings">The security settings to apply.</param>
            <param name="nonVerifying">A value indicating whether the channel is set up with no functional security binding elements.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel.CreateNonVerifyingChannel">
            <summary>
            A value indicating whether the channel is set up
            with no functional security binding elements.
            </summary>
            <returns>A new <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel"/> instance that will not perform verification on incoming messages or apply any security to outgoing messages.</returns>
            <remarks>
            	<para>A value of <c>true</c> allows the relying party to preview incoming
            messages without invalidating nonces or checking signatures.</para>
            	<para>Setting this to <c>true</c> poses a great security risk and is only
            present to support the OpenIdAjaxTextBox which needs to preview
            messages, and will validate them later.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyChannel.InitializeBindingElements(DotNetOpenAuth.Messaging.Bindings.ICryptoKeyStore,DotNetOpenAuth.Messaging.Bindings.INonceStore,DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings,System.Boolean)">
            <summary>
            Initializes the binding elements.
            </summary>
            <param name="cryptoKeyStore">The crypto key store.</param>
            <param name="nonceStore">The nonce store to use.</param>
            <param name="securitySettings">The security settings to apply.  Must be an instance of either <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings"/> or ProviderSecuritySettings.</param>
            <param name="nonVerifying">A value indicating whether the channel is set up with no functional security binding elements.</param>
            <returns>
            An array of binding elements which may be used to construct the channel.
            </returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyMessageFactory">
            <summary>
            Message factory for OpenID Relying Parties.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyMessageFactory.GetNewRequestMessage(DotNetOpenAuth.Messaging.MessageReceivingEndpoint,System.Collections.Generic.IDictionary{System.String,System.String})">
            <summary>
            Analyzes an incoming request message payload to discover what kind of
            message is embedded in it and returns the type, or null if no match is found.
            </summary>
            <param name="recipient">The intended or actual recipient of the request message.</param>
            <param name="fields">The name/value pairs that make up the message payload.</param>
            <returns>
            A newly instantiated <see cref="T:DotNetOpenAuth.Messaging.IProtocolMessage"/>-derived object that this message can
            deserialize to.  Null if the request isn't recognized as a valid protocol message.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.OpenIdRelyingPartyMessageFactory.GetNewResponseMessage(DotNetOpenAuth.Messaging.IDirectedProtocolMessage,System.Collections.Generic.IDictionary{System.String,System.String})">
            <summary>
            Analyzes an incoming request message payload to discover what kind of
            message is embedded in it and returns the type, or null if no match is found.
            </summary>
            <param name="request">The message that was sent as a request that resulted in the response.</param>
            <param name="fields">The name/value pairs that make up the message payload.</param>
            <returns>
            A newly instantiated <see cref="T:DotNetOpenAuth.Messaging.IProtocolMessage"/>-derived object that this message can
            deserialize to.  Null if the request isn't recognized as a valid protocol message.
            </returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions">
            <summary>
            Helps ensure compliance to some properties in the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings"/>.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions.securitySettings">
            <summary>
            The security settings that are active on the relying party.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions.#ctor(DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions"/> class.
            </summary>
            <param name="securitySettings">The security settings.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions.ProcessOutgoingMessage(DotNetOpenAuth.Messaging.IProtocolMessage)">
            <summary>
            Prepares a message for sending based on the rules of this channel binding element.
            </summary>
            <param name="message">The message to prepare for sending.</param>
            <returns>
            The protections (if any) that this binding element applied to the message.
            Null if this binding element did not even apply to this binding element.
            </returns>
            <remarks>
            Implementations that provide message protection must honor the
            <see cref="P:DotNetOpenAuth.Messaging.MessagePartAttribute.RequiredProtection"/> properties where applicable.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions.ProcessIncomingMessage(DotNetOpenAuth.Messaging.IProtocolMessage)">
            <summary>
            Performs any transformation on an incoming message that may be necessary and/or
            validates an incoming message based on the rules of this channel binding element.
            </summary>
            <param name="message">The incoming message to process.</param>
            <returns>
            The protections (if any) that this binding element applied to the message.
            Null if this binding element did not even apply to this binding element.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">
            Thrown when the binding element rules indicate that this message is invalid and should
            NOT be processed.
            </exception>
            <remarks>
            Implementations that provide message protection must honor the
            <see cref="P:DotNetOpenAuth.Messaging.MessagePartAttribute.RequiredProtection"/> properties where applicable.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions.Channel">
            <summary>
            Gets or sets the channel that this binding element belongs to.
            </summary>
            <remarks>
            This property is set by the channel when it is first constructed.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions.Protection">
            <summary>
            Gets the protection commonly offered (if any) by this binding element.
            </summary>
            <remarks>
            This value is used to assist in sorting binding elements in the channel stack.
            </remarks>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement">
            <summary>
            The signing binding element for OpenID Relying Parties.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement.rpAssociations">
            <summary>
            The association store used by Relying Parties to look up the secrets needed for signing.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement.#ctor(DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement"/> class.
            </summary>
            <param name="associationStore">The association store used to look up the secrets needed for signing.  May be null for dumb Relying Parties.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement.GetSpecificAssociation(DotNetOpenAuth.OpenId.ChannelElements.ITamperResistantOpenIdMessage)">
            <summary>
            Gets a specific association referenced in a given message's association handle.
            </summary>
            <param name="signedMessage">The signed message whose association handle should be used to lookup the association to return.</param>
            <returns>
            The referenced association; or <c>null</c> if such an association cannot be found.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement.GetAssociation(DotNetOpenAuth.OpenId.ChannelElements.ITamperResistantOpenIdMessage)">
            <summary>
            Gets the association to use to sign or verify a message.
            </summary>
            <param name="signedMessage">The message to sign or verify.</param>
            <returns>
            The association to use to sign or verify the message.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement.VerifySignatureByUnrecognizedHandle(DotNetOpenAuth.Messaging.IProtocolMessage,DotNetOpenAuth.OpenId.ChannelElements.ITamperResistantOpenIdMessage,DotNetOpenAuth.Messaging.MessageProtections)">
            <summary>
            Verifies the signature by unrecognized handle.
            </summary>
            <param name="message">The message.</param>
            <param name="signedMessage">The signed message.</param>
            <param name="protectionsApplied">The protections applied.</param>
            <returns>
            The applied protections.
            </returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement">
            <summary>
            This binding element adds a nonce to a Relying Party's outgoing 
            authentication request when working against an OpenID 1.0 Provider
            in order to protect against replay attacks or on all authentication
            requests to distinguish solicited from unsolicited assertions.
            </summary>
            <remarks>
            <para>This nonce goes beyond the OpenID 1.x spec, but adds to security.
            Since this library's Provider implementation also provides special nonce
            protection for 1.0 messages, this security feature overlaps with that one.
            This means that if an RP from this library were talking to an OP from this
            library, but the Identifier being authenticated advertised the OP as a 1.x
            OP, then both RP and OP might try to use a nonce for protecting the assertion.
            There's no problem with that--it will still all work out.  And it would be a 
            very rare combination of elements anyway.
            </para>
            <para>
            This binding element deactivates itself for OpenID 2.0 (or later) messages 
            since they are automatically protected in the protocol by the Provider's
            openid.response_nonce parameter.  The exception to this is when
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings.RejectUnsolicitedAssertions"/> is
            set to <c>true</c>, which will not only add a request nonce to every outgoing
            authentication request but also require that it be present in positive
            assertions, effectively disabling unsolicited assertions.
            </para>
            <para>In the messaging stack, this binding element looks like an ordinary
            transform-type of binding element rather than a protection element,
            due to its required order in the channel stack and that it exists
            only on the RP side and only on some messages.</para>
            </remarks>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.ReturnToNonceContext">
            <summary>
            The context within which return_to nonces must be unique -- they all go into the same bucket.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.NonceByteLength">
            <summary>
            The length of the generated nonce's random part.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.nonceStore">
            <summary>
            The nonce store that will allow us to recall which nonces we've seen before.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.securitySettings">
            <summary>
            The security settings at the RP.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.channel">
            <summary>
            Backing field for the <see cref="P:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.Channel"/> property.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.#ctor(DotNetOpenAuth.Messaging.Bindings.INonceStore,DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement"/> class.
            </summary>
            <param name="nonceStore">The nonce store to use.</param>
            <param name="securitySettings">The security settings of the RP.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.ProcessOutgoingMessage(DotNetOpenAuth.Messaging.IProtocolMessage)">
            <summary>
            Prepares a message for sending based on the rules of this channel binding element.
            </summary>
            <param name="message">The message to prepare for sending.</param>
            <returns>
            The protections (if any) that this binding element applied to the message.
            Null if this binding element did not even apply to this binding element.
            </returns>
            <remarks>
            Implementations that provide message protection must honor the
            <see cref="P:DotNetOpenAuth.Messaging.MessagePartAttribute.RequiredProtection"/> properties where applicable.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.ProcessIncomingMessage(DotNetOpenAuth.Messaging.IProtocolMessage)">
            <summary>
            Performs any transformation on an incoming message that may be necessary and/or
            validates an incoming message based on the rules of this channel binding element.
            </summary>
            <param name="message">The incoming message to process.</param>
            <returns>
            The protections (if any) that this binding element applied to the message.
            Null if this binding element did not even apply to this binding element.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">
            Thrown when the binding element rules indicate that this message is invalid and should
            NOT be processed.
            </exception>
            <remarks>
            Implementations that provide message protection must honor the
            <see cref="P:DotNetOpenAuth.Messaging.MessagePartAttribute.RequiredProtection"/> properties where applicable.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.UseRequestNonce(DotNetOpenAuth.Messaging.IMessage)">
            <summary>
            Determines whether a request nonce should be applied the request
            or should be expected in the response.
            </summary>
            <param name="message">The authentication request or the positive assertion response.</param>
            <returns>
            <c>true</c> if the message exchanged with an OpenID 1.x provider
            or if unsolicited assertions should be rejected at the RP; otherwise <c>false</c>.
            </returns>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.Channel">
            <summary>
            Gets or sets the channel that this binding element belongs to.
            </summary>
            <remarks>
            This property is set by the channel when it is first constructed.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.Protection">
            <summary>
            Gets the protection offered (if any) by this binding element.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.MaximumMessageAge">
            <summary>
            Gets the maximum message age from the standard expiration binding element.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce">
            <summary>
            A special DotNetOpenAuth-only nonce used by the RP when talking to 1.0 OPs in order
            to protect against replay attacks.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce.randomPart">
            <summary>
            The random bits generated for the nonce.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce.#ctor(System.DateTime,System.Byte[])">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce"/> class.
            </summary>
            <param name="creationDate">The creation date of the nonce.</param>
            <param name="randomPart">The random bits that help make the nonce unique.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce.NewNonce">
            <summary>
            Creates a new nonce.
            </summary>
            <returns>The newly instantiated instance.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce.Deserialize(System.String)">
            <summary>
            Deserializes a nonce from the return_to parameter.
            </summary>
            <param name="value">The base64-encoded value of the nonce.</param>
            <returns>The instantiated and initialized nonce.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce.Serialize">
            <summary>
            Serializes the entire nonce for adding to the return_to URL.
            </summary>
            <returns>The base64-encoded string representing the nonce.</returns>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce.CreationDateUtc">
            <summary>
            Gets the creation date.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement.CustomNonce.RandomPartAsString">
            <summary>
            Gets the random part of the nonce as a base64 encoded string.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.Extensions.ExtensionsInteropHelper">
            <summary>
            A set of methods designed to assist in improving interop across different
            OpenID implementations and their extensions.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Extensions.ExtensionsInteropHelper.SpreadSregToAX(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest,DotNetOpenAuth.OpenId.Extensions.AttributeExchange.AXAttributeFormats)">
            <summary>
            Adds an Attribute Exchange (AX) extension to the authentication request
            that asks for the same attributes as the Simple Registration (sreg) extension
            that is already applied.
            </summary>
            <param name="request">The authentication request.</param>
            <param name="attributeFormats">The attribute formats to use in the AX request.</param>
            <remarks>
            	<para>If discovery on the user-supplied identifier yields hints regarding which
            extensions and attribute formats the Provider supports, this method MAY ignore the
            <paramref name="attributeFormats"/> argument and accomodate the Provider to minimize
            the size of the request.</para>
            	<para>If the request does not carry an sreg extension, the method logs a warning but
            otherwise quietly returns doing nothing.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Extensions.ExtensionsInteropHelper.UnifyExtensionsAsSreg(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse,System.Boolean)">
            <summary>
            Looks for Simple Registration and Attribute Exchange (all known formats)
            response extensions and returns them as a Simple Registration extension.
            </summary>
            <param name="response">The authentication response.</param>
            <param name="allowUnsigned">if set to <c>true</c> unsigned extensions will be included in the search.</param>
            <returns>
            The Simple Registration response if found, 
            or a fabricated one based on the Attribute Exchange extension if found,
            or just an empty <see cref="T:DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.ClaimsResponse"/> if there was no data.
            Never <c>null</c>.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Extensions.ExtensionsInteropHelper.GetAttributeValue(DotNetOpenAuth.OpenId.Extensions.AttributeExchange.FetchResponse,System.String,DotNetOpenAuth.OpenId.Extensions.AttributeExchange.AXAttributeFormats)">
            <summary>
            Gets the attribute value if available.
            </summary>
            <param name="fetchResponse">The AX fetch response extension to look for the attribute value.</param>
            <param name="typeUri">The type URI of the attribute, using the axschema.org format of <see cref="T:DotNetOpenAuth.OpenId.Extensions.AttributeExchange.WellKnownAttributes"/>.</param>
            <param name="formats">The AX type URI formats to search.</param>
            <returns>
            The first value of the attribute, if available.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Extensions.ExtensionsInteropHelper.TryDetectOPAttributeFormat(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest,DotNetOpenAuth.OpenId.Extensions.AttributeExchange.AXAttributeFormats@)">
            <summary>
            Tries to find the exact format of AX attribute Type URI supported by the Provider.
            </summary>
            <param name="request">The authentication request.</param>
            <param name="attributeFormat">The attribute formats the RP will try if this discovery fails.</param>
            <returns>The AX format(s) to use based on the Provider's advertised AX support.</returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.HostMetaDiscoveryService">
            <summary>
            The discovery service to support host-meta based discovery, such as Google Apps for Domains.
            </summary>
            <remarks>
            The spec for this discovery mechanism can be found at:
            http://groups.google.com/group/google-federated-login-api/web/openid-discovery-for-hosted-domains
            and the XMLDSig spec referenced in that spec can be found at:
            http://wiki.oasis-open.org/xri/XrdOne/XmlDsigProfile
            </remarks>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.LocalHostMetaPath">
            <summary>
            Path to the well-known location of the host-meta document at a domain.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GoogleHostedHostMeta">
            <summary>
            The URI template for discovery host-meta on domains hosted by
            Google Apps for Domains.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaLink">
            <summary>
            The pattern within a host-meta file to look for to obtain the URI to the XRDS document.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.ApprovedCertificateThumbprintCache">
            <summary>
            A set of certificate thumbprints that have been verified.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.HostMetaDiscoveryService"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.Discover(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.Messaging.IDirectWebRequestHandler,System.Boolean@)">
            <summary>
            Performs discovery on the specified identifier.
            </summary>
            <param name="identifier">The identifier to perform discovery on.</param>
            <param name="requestHandler">The means to place outgoing HTTP requests.</param>
            <param name="abortDiscoveryChain">if set to <c>true</c>, no further discovery services will be called for this identifier.</param>
            <returns>
            A sequence of service endpoints yielded by discovery.  Must not be null, but may be empty.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetXrdElements(DotNetOpenAuth.Xrds.XrdsDocument,System.String)">
            <summary>
            Gets the XRD elements that have a given CanonicalID.
            </summary>
            <param name="document">The XRDS document.</param>
            <param name="canonicalId">The CanonicalID to match on.</param>
            <returns>A sequence of XRD elements.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetDescribedByServices(System.Collections.Generic.IEnumerable{DotNetOpenAuth.Xrds.XrdElement})">
            <summary>
            Gets the described-by services in XRD elements.
            </summary>
            <param name="xrds">The XRDs to search.</param>
            <returns>A sequence of services.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetExternalServices(System.Collections.Generic.IEnumerable{DotNetOpenAuth.Xrds.XrdElement},DotNetOpenAuth.OpenId.UriIdentifier,DotNetOpenAuth.Messaging.IDirectWebRequestHandler)">
            <summary>
            Gets the services for an identifier that are described by an external XRDS document.
            </summary>
            <param name="xrds">The XRD elements to search for described-by services.</param>
            <param name="identifier">The identifier under discovery.</param>
            <param name="requestHandler">The request handler.</param>
            <returns>The discovered services.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.ValidateXmlDSig(DotNetOpenAuth.Xrds.XrdsDocument,DotNetOpenAuth.OpenId.UriIdentifier,DotNetOpenAuth.Messaging.IncomingWebResponse,System.String)">
            <summary>
            Validates the XML digital signature on an XRDS document.
            </summary>
            <param name="document">The XRDS document whose signature should be validated.</param>
            <param name="identifier">The identifier under discovery.</param>
            <param name="response">The response.</param>
            <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if the XRDS document has an invalid or a missing signature.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.VerifyCertChain(System.Collections.Generic.IEnumerable{System.Security.Cryptography.X509Certificates.X509Certificate2})">
            <summary>
            Verifies the cert chain.
            </summary>
            <param name="certs">The certs.</param>
            <remarks>
            This must be in a method of its own because there is a LinkDemand on the <see cref="M:System.Security.Cryptography.X509Certificates.X509Chain.Build(System.Security.Cryptography.X509Certificates.X509Certificate2)"/>
            method.  By being in a method of its own, the caller of this method may catch a
            <see cref="T:System.Security.SecurityException"/> that is thrown if we're not running with full trust and execute
            an alternative plan.
            </remarks>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if the certificate chain is invalid or unverifiable.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetXrdsResponse(DotNetOpenAuth.OpenId.UriIdentifier,DotNetOpenAuth.Messaging.IDirectWebRequestHandler,System.Uri)">
            <summary>
            Gets the XRDS HTTP response for a given identifier.
            </summary>
            <param name="identifier">The identifier.</param>
            <param name="requestHandler">The request handler.</param>
            <param name="xrdsLocation">The location of the XRDS document to retrieve.</param>
            <returns>
            A HTTP response carrying an XRDS document.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if the XRDS document could not be obtained.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.VerifyCertificateChain(System.Collections.Generic.IList{System.Security.Cryptography.X509Certificates.X509Certificate2})">
            <summary>
            Verifies that a certificate chain is trusted.
            </summary>
            <param name="certificates">The chain of certificates to verify.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetXrdsResponse(DotNetOpenAuth.OpenId.UriIdentifier,DotNetOpenAuth.Messaging.IDirectWebRequestHandler,System.String@)">
            <summary>
            Gets the XRDS HTTP response for a given identifier.
            </summary>
            <param name="identifier">The identifier.</param>
            <param name="requestHandler">The request handler.</param>
            <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param>
            <returns>A HTTP response carrying an XRDS document, or <c>null</c> if one could not be obtained.</returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if the XRDS document could not be obtained.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetXrdsLocation(DotNetOpenAuth.OpenId.UriIdentifier,DotNetOpenAuth.Messaging.IDirectWebRequestHandler,System.String@)">
            <summary>
            Gets the location of the XRDS document that describes a given identifier.
            </summary>
            <param name="identifier">The identifier under discovery.</param>
            <param name="requestHandler">The request handler.</param>
            <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param>
            <returns>An absolute URI, or <c>null</c> if one could not be determined.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetHostMeta(DotNetOpenAuth.OpenId.UriIdentifier,DotNetOpenAuth.Messaging.IDirectWebRequestHandler,System.String@)">
            <summary>
            Gets the host-meta for a given identifier.
            </summary>
            <param name="identifier">The identifier.</param>
            <param name="requestHandler">The request handler.</param>
            <param name="signingHost">The host name on the certificate that should be used to verify the signature in the XRDS.</param>
            <returns>
            The host-meta response, or <c>null</c> if no host-meta document could be obtained.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.GetHostMetaLocations(DotNetOpenAuth.OpenId.UriIdentifier)">
            <summary>
            Gets the URIs authorized to host host-meta documents on behalf of a given domain.
            </summary>
            <param name="identifier">The identifier.</param>
            <returns>A sequence of URIs that MAY provide the host-meta for a given identifier.</returns>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.TrustedHostMetaProxies">
            <summary>
            Gets the set of URI templates to use to contact host-meta hosting proxies
            for domain discovery.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.UseGoogleHostedHostMeta">
            <summary>
            Gets or sets a value indicating whether to trust Google to host domains' host-meta documents.
            </summary>
            <remarks>
            This property is just a convenient mechanism for checking or changing the set of
            trusted host-meta proxies in the <see cref="P:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.TrustedHostMetaProxies"/> property.
            </remarks>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy">
            <summary>
            A description of a web server that hosts host-meta documents.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy.#ctor(System.String,System.String)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy"/> class.
            </summary>
            <param name="proxyFormat">The proxy formatting string.</param>
            <param name="signingHostFormat">The signing host formatting string.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy.GetProxy(DotNetOpenAuth.OpenId.UriIdentifier)">
            <summary>
            Gets the absolute proxy URI.
            </summary>
            <param name="identifier">The identifier being discovered.</param>
            <returns>The an absolute URI.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy.GetSigningHost(DotNetOpenAuth.OpenId.UriIdentifier)">
            <summary>
            Gets the signing host URI.
            </summary>
            <param name="identifier">The identifier being discovered.</param>
            <returns>A host name.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy.Equals(System.Object)">
            <summary>
            Determines whether the specified <see cref="T:System.Object"/> is equal to the current <see cref="T:System.Object"/>.
            </summary>
            <param name="obj">The <see cref="T:System.Object"/> to compare with the current <see cref="T:System.Object"/>.</param>
            <returns>
            true if the specified <see cref="T:System.Object"/> is equal to the current <see cref="T:System.Object"/>; otherwise, false.
            </returns>
            <exception cref="T:System.NullReferenceException">
            The <paramref name="obj"/> parameter is null.
            </exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy.GetHashCode">
            <summary>
            Serves as a hash function for a particular type.
            </summary>
            <returns>
            A hash code for the current <see cref="T:System.Object"/>.
            </returns>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy.ProxyFormat">
            <summary>
            Gets the URL of the host-meta proxy.
            </summary>
            <value>The absolute proxy URL, which may include {0} to be replaced with the host of the identifier to be discovered.</value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.HostMetaDiscoveryService.HostMetaProxy.SigningHostFormat">
            <summary>
            Gets the formatting string to determine the expected host name on the certificate
            that is expected to be used to sign the XRDS document.
            </summary>
            <value>
            Either a string literal, or a formatting string where these placeholders may exist:
            {0} the host on the identifier discovery was originally performed on;
            {1} the host on this proxy.
            </value>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim">
            <summary>
            The COM type used to provide details of an authentication result to a relying party COM client.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.response">
            <summary>
            The response read in by the Relying Party.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.#ctor(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim"/> class.
            </summary>
            <param name="response">The response.</param>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.ClaimedIdentifier">
            <summary>
            Gets an Identifier that the end user claims to own.  For use with user database storage and lookup.
            May be null for some failed authentications (i.e. failed directed identity authentications).
            </summary>
            <remarks>
            <para>
            This is the secure identifier that should be used for database storage and lookup.
            It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
            user identities against spoofing and other attacks.  
            </para>
            <para>
            For user-friendly identifiers to display, use the 
            <see cref="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.FriendlyIdentifierForDisplay"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.FriendlyIdentifierForDisplay">
            <summary>
            Gets a user-friendly OpenID Identifier for display purposes ONLY.
            </summary>
            <remarks>
            <para>
            This <i>should</i> be put through <see cref="M:System.Web.HttpUtility.HtmlEncode(System.String)"/> before
            sending to a browser to secure against javascript injection attacks.
            </para>
            <para>
            This property retains some aspects of the user-supplied identifier that get lost
            in the <see cref="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.ClaimedIdentifier"/>.  For example, XRIs used as user-supplied
            identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
            For display purposes, such as text on a web page that says "You're logged in as ...",
            this property serves to provide the =Arnott string, or whatever else is the most friendly
            string close to what the user originally typed in.
            </para>
            <para>
            If the user-supplied identifier is a URI, this property will be the URI after all 
            redirects, and with the protocol and fragment trimmed off.
            If the user-supplied identifier is an XRI, this property will be the original XRI.
            If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com), 
            this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
            </para>
            <para>
            It is <b>very</b> important that this property <i>never</i> be used for database storage
            or lookup to avoid identity spoofing and other security risks.  For database storage
            and lookup please use the <see cref="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.ClaimedIdentifier"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.ProviderEndpoint">
            <summary>
            Gets the provider endpoint that sent the assertion.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.Successful">
            <summary>
            Gets a value indicating whether the authentication attempt succeeded.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.ClaimsResponse">
            <summary>
            Gets the Simple Registration response.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.AuthenticationResponseShim.ExceptionMessage">
            <summary>
            Gets details regarding a failed authentication attempt, if available.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim">
            <summary>
            A struct storing Simple Registration field values describing an
            authenticating user.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.response">
            <summary>
            The Simple Registration claims response message that this shim wraps.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.#ctor(DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.ClaimsResponse)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim"/> class.
            </summary>
            <param name="response">The Simple Registration response to wrap.</param>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.Nickname">
            <summary>
            Gets the nickname the user goes by.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.Email">
            <summary>
            Gets the user's email address.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.FullName">
            <summary>
            Gets the full name of a user as a single string.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.BirthDate">
            <summary>
            Gets the raw birth date string given by the extension.
            </summary>
            <value>A string in the format yyyy-MM-dd.</value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.Gender">
            <summary>
            Gets the gender of the user.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.PostalCode">
            <summary>
            Gets the zip code / postal code of the user.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.Country">
            <summary>
            Gets the country of the user.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.Language">
            <summary>
            Gets the primary/preferred language of the user.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.Interop.ClaimsResponseShim.TimeZone">
            <summary>
            Gets the user's timezone.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim">
            <summary>
            Implementation of <see cref="T:DotNetOpenAuth.OpenId.Interop.IOpenIdRelyingParty"/>, providing a subset of the
            functionality available to .NET clients.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim.relyingParty">
            <summary>
            The OpenIdRelyingParty instance to use for requests.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim.#cctor">
            <summary>
            Initializes static members of the <see cref="T:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim.CreateRequest(System.String,System.String,System.String)">
            <summary>
            Creates an authentication request to verify that a user controls
            some given Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <param name="realm">
            The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.
            </param>
            <param name="returnToUrl">
            The URL of the login page, or the page prepared to receive authentication 
            responses from the OpenID Provider.
            </param>
            <returns>
            An authentication request object that describes the HTTP response to
            send to the user agent to initiate the authentication.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if no OpenID endpoint could be found.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim.CreateRequestWithSimpleRegistration(System.String,System.String,System.String,System.String,System.String)">
            <summary>
            Creates an authentication request to verify that a user controls
            some given Identifier.
            </summary>
            <param name="userSuppliedIdentifier">The Identifier supplied by the user.  This may be a URL, an XRI or i-name.</param>
            <param name="realm">The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.</param>
            <param name="returnToUrl">The URL of the login page, or the page prepared to receive authentication
            responses from the OpenID Provider.</param>
            <param name="optionalSreg">A comma-delimited list of simple registration fields to request as optional.</param>
            <param name="requiredSreg">A comma-delimited list of simple registration fields to request as required.</param>
            <returns>
            An authentication request object that describes the HTTP response to
            send to the user agent to initiate the authentication.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if no OpenID endpoint could be found.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Interop.OpenIdRelyingPartyShim.ProcessAuthentication(System.String,System.String)">
            <summary>
            Gets the result of a user agent's visit to his OpenId provider in an
            authentication attempt.  Null if no response is available.
            </summary>
            <param name="url">The incoming request URL.</param>
            <param name="form">The form data that may have been included in the case of a POST request.</param>
            <returns>The Provider's response to a previous authentication request, or null if no response is present.</returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.Messages.AssociateDiffieHellmanRelyingPartyResponse">
            <summary>
            The successful Diffie-Hellman association response message.
            </summary>
            <remarks>
            Association response messages are described in OpenID 2.0 section 8.2.  This type covers section 8.2.3.
            </remarks>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.Messages.IAssociateSuccessfulResponseRelyingParty">
            <summary>
            A successful association response as it is received by the relying party.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Messages.IAssociateSuccessfulResponseRelyingParty.CreateAssociationAtRelyingParty(DotNetOpenAuth.OpenId.Messages.AssociateRequest)">
            <summary>
            Called to create the Association based on a request previously given by the Relying Party.
            </summary>
            <param name="request">The prior request for an association.</param>
            <returns>The created association.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Messages.AssociateDiffieHellmanRelyingPartyResponse.#ctor(System.Version,DotNetOpenAuth.OpenId.Messages.AssociateDiffieHellmanRequest)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.Messages.AssociateDiffieHellmanRelyingPartyResponse"/> class.
            </summary>
            <param name="responseVersion">The OpenID version of the response message.</param>
            <param name="originatingRequest">The originating request.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Messages.AssociateDiffieHellmanRelyingPartyResponse.CreateAssociationAtRelyingParty(DotNetOpenAuth.OpenId.Messages.AssociateRequest)">
            <summary>
            Creates the association at relying party side after the association response has been received.
            </summary>
            <param name="request">The original association request that was already sent and responded to.</param>
            <returns>The newly created association.</returns>
            <remarks>
            The resulting association is <i>not</i> added to the association store and must be done by the caller.
            </remarks>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.Messages.AssociateRequestRelyingParty">
            <summary>
            Utility methods for requesting associations from the relying party.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Messages.AssociateRequestRelyingParty.Create(DotNetOpenAuth.OpenId.SecuritySettings,DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint)">
            <summary>
            Creates an association request message that is appropriate for a given Provider.
            </summary>
            <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
            <param name="provider">The provider to create an association with.</param>
            <returns>
            The message to send to the Provider to request an association.
            Null if no association could be created that meet the security requirements
            and the provider OpenID version.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Messages.AssociateRequestRelyingParty.Create(DotNetOpenAuth.OpenId.SecuritySettings,DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint,System.String,System.String)">
            <summary>
            Creates an association request message that is appropriate for a given Provider.
            </summary>
            <param name="securityRequirements">The set of requirements the selected association type must comply to.</param>
            <param name="provider">The provider to create an association with.</param>
            <param name="associationType">Type of the association.</param>
            <param name="sessionType">Type of the session.</param>
            <returns>
            The message to send to the Provider to request an association.
            Null if no association could be created that meet the security requirements
            and the provider OpenID version.
            </returns>
        </member>
        <member name="T:DotNetOpenAuth.IAssociateSuccessfulResponseRelyingPartyContract">
            <summary>
            Code contract for the <see cref="T:DotNetOpenAuth.OpenId.Messages.IAssociateSuccessfulResponseRelyingParty"/> interface.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.IAssociateSuccessfulResponseRelyingPartyContract.DotNetOpenAuth#Messaging#IMessage#EnsureValidMessage">
            <summary>
            Checks the message state for conformity to the protocol specification
            and throws an exception if the message is invalid.
            </summary>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if the message is invalid.</exception>
        </member>
        <member name="M:DotNetOpenAuth.IAssociateSuccessfulResponseRelyingPartyContract.DotNetOpenAuth#OpenId#Messages#IAssociateSuccessfulResponseRelyingParty#CreateAssociationAtRelyingParty(DotNetOpenAuth.OpenId.Messages.AssociateRequest)">
            <summary>
            Called to create the Association based on a request previously given by the Relying Party.
            </summary>
            <param name="request">The prior request for an association.</param>
            <returns>
            The created association.
            </returns>
        </member>
        <member name="P:DotNetOpenAuth.IAssociateSuccessfulResponseRelyingPartyContract.DotNetOpenAuth#Messaging#IProtocolMessage#RequiredProtection">
            <summary>
            Gets the level of protection this message requires.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.IAssociateSuccessfulResponseRelyingPartyContract.DotNetOpenAuth#Messaging#IProtocolMessage#Transport">
            <summary>
            Gets a value indicating whether this is a direct or indirect message.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.IAssociateSuccessfulResponseRelyingPartyContract.DotNetOpenAuth#Messaging#IMessage#Version">
            <summary>
            Gets the version of the protocol or extension this message is prepared to implement.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.IAssociateSuccessfulResponseRelyingPartyContract.DotNetOpenAuth#Messaging#IMessage#ExtraData">
            <summary>
            Gets the extra, non-standard Protocol parameters included in the message.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.Messages.AssociateUnencryptedResponseRelyingParty">
            <summary>
            A response to an unencrypted assocation request, as it is received by the relying party.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Messages.AssociateUnencryptedResponseRelyingParty.#ctor(System.Version,DotNetOpenAuth.OpenId.Messages.AssociateUnencryptedRequest)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.Messages.AssociateUnencryptedResponseRelyingParty"/> class.
            </summary>
            <param name="version">The version.</param>
            <param name="request">The request.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.Messages.AssociateUnencryptedResponseRelyingParty.CreateAssociationAtRelyingParty(DotNetOpenAuth.OpenId.Messages.AssociateRequest)">
            <summary>
            Called to create the Association based on a request previously given by the Relying Party.
            </summary>
            <param name="request">The prior request for an association.</param>
            <returns>The created association.</returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore">
            <summary>
            Wraps a standard <see cref="T:DotNetOpenAuth.Messaging.Bindings.ICryptoKeyStore"/> so that it behaves as an association store.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore">
            <summary>
            Stores <see cref="T:DotNetOpenAuth.OpenId.Association"/>s for lookup by their handle, keeping
            associations separated by a given OP Endpoint.
            </summary>
            <remarks>
            Expired associations should be periodically cleared out of an association store.
            This should be done frequently enough to avoid a memory leak, but sparingly enough
            to not be a performance drain.  Because this balance can vary by host, it is the
            responsibility of the host to initiate this cleaning.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore.StoreAssociation(System.Uri,DotNetOpenAuth.OpenId.Association)">
            <summary>
            Saves an <see cref="T:DotNetOpenAuth.OpenId.Association"/> for later recall.
            </summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="association">The association to store.</param>
            <remarks>
            If the new association conflicts (in OP endpoint and association handle) with an existing association,
            (which should never happen by the way) implementations may overwrite the previously saved association.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore.GetAssociation(System.Uri,DotNetOpenAuth.OpenId.SecuritySettings)">
            <summary>
            Gets the best association (the one with the longest remaining life) for a given key.
            </summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="securityRequirements">The security requirements that the returned association must meet.</param>
            <returns>
            The requested association, or null if no unexpired <see cref="T:DotNetOpenAuth.OpenId.Association"/>s exist for the given key.
            </returns>
            <remarks>
            In the event that multiple associations exist for the given 
            <paramref name="providerEndpoint"/>, it is important for the 
            implementation for this method to use the <paramref name="securityRequirements"/>
            to pick the best (highest grade or longest living as the host's policy may dictate)
            association that fits the security requirements.
            Associations that are returned that do not meet the security requirements will be
            ignored and a new association created.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore.GetAssociation(System.Uri,System.String)">
            <summary>
            Gets the association for a given key and handle.
            </summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="handle">The handle of the specific association that must be recalled.</param>
            <returns>The requested association, or null if no unexpired <see cref="T:DotNetOpenAuth.OpenId.Association"/>s exist for the given key and handle.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore.RemoveAssociation(System.Uri,System.String)">
            <summary>Removes a specified handle that may exist in the store.</summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="handle">The handle of the specific association that must be deleted.</param>
            <returns>
            Deprecated.  The return value is insignificant.
            Previously: True if the association existed in this store previous to this call.
            </returns>
            <remarks>
            No exception should be thrown if the association does not exist in the store
            before this call.
            </remarks>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore.keyStore">
            <summary>
            The underlying key store.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore.#ctor(DotNetOpenAuth.Messaging.Bindings.ICryptoKeyStore)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore"/> class.
            </summary>
            <param name="keyStore">The key store.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore.StoreAssociation(System.Uri,DotNetOpenAuth.OpenId.Association)">
            <summary>
            Saves an <see cref="T:DotNetOpenAuth.OpenId.Association"/> for later recall.
            </summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="association">The association to store.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore.GetAssociation(System.Uri,DotNetOpenAuth.OpenId.SecuritySettings)">
            <summary>
            Gets the best association (the one with the longest remaining life) for a given key.
            </summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="securityRequirements">The security requirements that the returned association must meet.</param>
            <returns>
            The requested association, or null if no unexpired <see cref="T:DotNetOpenAuth.OpenId.Association"/>s exist for the given key.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore.GetAssociation(System.Uri,System.String)">
            <summary>
            Gets the association for a given key and handle.
            </summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="handle">The handle of the specific association that must be recalled.</param>
            <returns>
            The requested association, or null if no unexpired <see cref="T:DotNetOpenAuth.OpenId.Association"/>s exist for the given key and handle.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.CryptoKeyStoreAsRelyingPartyAssociationStore.RemoveAssociation(System.Uri,System.String)">
            <summary>
            Removes a specified handle that may exist in the store.
            </summary>
            <param name="providerEndpoint">The OP Endpoint with which the association is established.</param>
            <param name="handle">The handle of the specific association that must be deleted.</param>
            <returns>
            True if the association existed in this store previous to this call.
            </returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.Extensions.UI.UIUtilities">
            <summary>
            Constants used in implementing support for the UI extension.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Extensions.UI.UIUtilities.GetWindowPopupScript(DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty,DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest,System.String)">
            <summary>
            Gets the <c>window.open</c> javascript snippet to use to open a popup window
            compliant with the UI extension.
            </summary>
            <param name="relyingParty">The relying party.</param>
            <param name="request">The authentication request to place in the window.</param>
            <param name="windowName">The name to assign to the popup window.</param>
            <returns>A string starting with 'window.open' and forming just that one method call.</returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStoreContract">
            <summary>
            Code Contract for the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStoreContract.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyAssociationStore#StoreAssociation(System.Uri,DotNetOpenAuth.OpenId.Association)">
            <summary>
            Saves an <see cref="T:DotNetOpenAuth.OpenId.Association"/> for later recall.
            </summary>
            <param name="providerEndpoint">The Uri (for relying parties) or Smart/Dumb (for providers).</param>
            <param name="association">The association to store.</param>
            <remarks>
            TODO: what should implementations do on association handle conflict?
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStoreContract.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyAssociationStore#GetAssociation(System.Uri,DotNetOpenAuth.OpenId.SecuritySettings)">
            <summary>
            Gets the best association (the one with the longest remaining life) for a given key.
            </summary>
            <param name="providerEndpoint">The Uri (for relying parties) or Smart/Dumb (for Providers).</param>
            <param name="securityRequirements">The security requirements that the returned association must meet.</param>
            <returns>
            The requested association, or null if no unexpired <see cref="T:DotNetOpenAuth.OpenId.Association"/>s exist for the given key.
            </returns>
            <remarks>
            In the event that multiple associations exist for the given
            <paramref name="providerEndpoint"/>, it is important for the
            implementation for this method to use the <paramref name="securityRequirements"/>
            to pick the best (highest grade or longest living as the host's policy may dictate)
            association that fits the security requirements.
            Associations that are returned that do not meet the security requirements will be
            ignored and a new association created.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStoreContract.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyAssociationStore#GetAssociation(System.Uri,System.String)">
            <summary>
            Gets the association for a given key and handle.
            </summary>
            <param name="providerEndpoint">The Uri (for relying parties) or Smart/Dumb (for Providers).</param>
            <param name="handle">The handle of the specific association that must be recalled.</param>
            <returns>
            The requested association, or null if no unexpired <see cref="T:DotNetOpenAuth.OpenId.Association"/>s exist for the given key and handle.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStoreContract.DotNetOpenAuth#OpenId#RelyingParty#IRelyingPartyAssociationStore#RemoveAssociation(System.Uri,System.String)">
            <summary>
            Removes a specified handle that may exist in the store.
            </summary>
            <param name="providerEndpoint">The Uri (for relying parties) or Smart/Dumb (for Providers).</param>
            <param name="handle">The handle of the specific association that must be deleted.</param>
            <returns>
            True if the association existed in this store previous to this call.
            </returns>
            <remarks>
            No exception should be thrown if the association does not exist in the store
            before this call.
            </remarks>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.Associations">
            <summary>
            A dictionary of handle/Association pairs.
            </summary>
            <remarks>
            Each method is locked, even if it is only one line, so that they are thread safe
            against each other, particularly the ones that enumerate over the list, since they
            can break if the collection is changed by another thread during enumeration.
            </remarks>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.Associations.associations">
            <summary>
            The lookup table where keys are the association handles and values are the associations themselves.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Associations.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.Associations"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Associations.Set(DotNetOpenAuth.OpenId.Association)">
            <summary>
            Stores an <see cref="T:DotNetOpenAuth.OpenId.Association"/> in the collection.
            </summary>
            <param name="association">The association to add to the collection.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Associations.Get(System.String)">
            <summary>
            Returns the <see cref="T:DotNetOpenAuth.OpenId.Association"/> with the given handle.  Null if not found.
            </summary>
            <param name="handle">The handle to the required association.</param>
            <returns>The desired association, or null if none with the given handle could be found.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Associations.Remove(System.String)">
            <summary>
            Removes the <see cref="T:DotNetOpenAuth.OpenId.Association"/> with the given handle.
            </summary>
            <param name="handle">The handle to the required association.</param>
            <returns>Whether an <see cref="T:DotNetOpenAuth.OpenId.Association"/> with the given handle was in the collection for removal.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.Associations.ClearExpired">
            <summary>
            Removes all expired associations from the collection.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.Associations.Best">
            <summary>
            Gets the <see cref="T:DotNetOpenAuth.OpenId.Association"/>s ordered in order of descending issue date
            (most recently issued comes first).  An empty sequence if no valid associations exist.
            </summary>
            <remarks>
            This property is used by relying parties that are initiating authentication requests.
            It does not apply to Providers, which always need a specific association by handle.
            </remarks>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager">
            <summary>
            Manages the establishment, storage and retrieval of associations at the relying party.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.associationStore">
            <summary>
            The storage to use for saving and retrieving associations.  May be null.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.channel">
            <summary>
            Backing field for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.Channel"/> property.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.securitySettings">
            <summary>
            Backing field for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.SecuritySettings"/> property.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.#ctor(DotNetOpenAuth.Messaging.Channel,DotNetOpenAuth.OpenId.RelyingParty.IRelyingPartyAssociationStore,DotNetOpenAuth.OpenId.RelyingParty.RelyingPartySecuritySettings)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager"/> class.
            </summary>
            <param name="channel">The channel the relying party is using.</param>
            <param name="associationStore">The association store.  May be null for dumb mode relying parties.</param>
            <param name="securitySettings">The security settings.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.GetExistingAssociation(DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint)">
            <summary>
            Gets an association between this Relying Party and a given Provider
            if it already exists in the association store.
            </summary>
            <param name="provider">The provider to create an association with.</param>
            <returns>The association if one exists and has useful life remaining.  Otherwise <c>null</c>.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.GetOrCreateAssociation(DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint)">
            <summary>
            Gets an existing association with the specified Provider, or attempts to create
            a new association of one does not already exist.
            </summary>
            <param name="provider">The provider to get an association for.</param>
            <returns>The existing or new association; <c>null</c> if none existed and one could not be created.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.CreateNewAssociation(DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint)">
            <summary>
            Creates a new association with a given Provider.
            </summary>
            <param name="provider">The provider to create an association with.</param>
            <returns>
            The newly created association, or null if no association can be created with
            the given Provider given the current security settings.
            </returns>
            <remarks>
            A new association is created and returned even if one already exists in the
            association store.
            Any new association is automatically added to the <see cref="F:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.associationStore"/>.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.CreateNewAssociation(DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint,DotNetOpenAuth.OpenId.Messages.AssociateRequest,System.Int32)">
            <summary>
            Creates a new association with a given Provider.
            </summary>
            <param name="provider">The provider to create an association with.</param>
            <param name="associateRequest">The associate request.  May be <c>null</c>, which will always result in a <c>null</c> return value..</param>
            <param name="retriesRemaining">The number of times to try the associate request again if the Provider suggests it.</param>
            <returns>
            The newly created association, or null if no association can be created with
            the given Provider given the current security settings.
            </returns>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.Channel">
            <summary>
            Gets or sets the channel to use for establishing associations.
            </summary>
            <value>The channel.</value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.SecuritySettings">
            <summary>
            Gets or sets the security settings to apply in choosing association types to support.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.HasAssociationStore">
            <summary>
            Gets a value indicating whether this instance has an association store.
            </summary>
            <value>
            	<c>true</c> if the relying party can act in 'smart' mode;
            	<c>false</c> if the relying party must always act in 'dumb' mode.
            </value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.AssociationStoreTestHook">
            <summary>
            Gets the storage to use for saving and retrieving associations.  May be null.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.AssociationPreference">
            <summary>
            Preferences regarding creation and use of an association between a relying party
            and provider for authentication.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AssociationPreference.IfPossible">
            <summary>
            Indicates that an association should be created for use in authentication
            if one has not already been established between the relying party and the
            selected provider.
            </summary>
            <remarks>
            Even with this value, if an association attempt fails or the relying party
            has no application store to recall associations, the authentication may 
            proceed without an association.
            </remarks>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AssociationPreference.IfAlreadyEstablished">
            <summary>
            Indicates that an association should be used for authentication only if
            it happens to already exist.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AssociationPreference.Never">
            <summary>
            Indicates that an authentication attempt should NOT use an OpenID association
            between the relying party and the provider, even if an association was previously
            created.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest">
            <summary>
            Facilitates customization and creation and an authentication request
            that a Relying Party is preparing to send.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.UserSuppliedIdentifierParameterName">
            <summary>
            The name of the internal callback parameter to use to store the user-supplied identifier.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.RelyingParty">
            <summary>
            The relying party that created this request object.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.associationPreference">
            <summary>
            How an association may or should be created or used in the formulation of the 
            authentication request.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.extensions">
            <summary>
            The extensions that have been added to this authentication request.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.returnToArgs">
            <summary>
            Arguments to add to the return_to part of the query string, so that
            these values come back to the consumer when the user agent returns.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.returnToArgsMustBeSigned">
            <summary>
            A value indicating whether the return_to callback arguments must be signed.
            </summary>
            <remarks>
            This field defaults to false, but is set to true as soon as the first callback argument
            is added that indicates it must be signed.  At which point, all arguments are signed
            even if individual ones did not need to be.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.#ctor(DotNetOpenAuth.OpenId.IdentifierDiscoveryResult,DotNetOpenAuth.OpenId.Realm,System.Uri,DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest"/> class.
            </summary>
            <param name="discoveryResult">The endpoint that describes the OpenID Identifier and Provider that will complete the authentication.</param>
            <param name="realm">The realm, or root URL, of the host web site.</param>
            <param name="returnToUrl">The base return_to URL that the Provider should return the user to to complete authentication.  This should not include callback parameters as these should be added using the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> method.</param>
            <param name="relyingParty">The relying party that created this instance.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.AddCallbackArguments(System.Collections.Generic.IDictionary{System.String,System.String})">
            <summary>
            Makes a dictionary of key/value pairs available when the authentication is completed.
            </summary>
            <param name="arguments">The arguments to add to the request's return_to URI.</param>
            <remarks>
            	<para>Note that these values are NOT protected against eavesdropping in transit.  No
            privacy-sensitive data should be stored using this method.</para>
            	<para>The values stored here can be retrieved using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse.GetCallbackArguments"/>, which will only return the value
            if it hasn't been tampered with in transit.</para>
            	<para>Since the data set here is sent in the querystring of the request and some
            servers place limits on the size of a request URL, this data should be kept relatively
            small to ensure successful authentication.  About 1.5KB is about all that should be stored.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.AddCallbackArguments(System.String,System.String)">
            <summary>
            Makes a key/value pair available when the authentication is completed.
            </summary>
            <param name="key">The parameter name.</param>
            <param name="value">The value of the argument.</param>
            <remarks>
            	<para>Note that these values are NOT protected against eavesdropping in transit.  No
            privacy-sensitive data should be stored using this method.</para>
            	<para>The value stored here can be retrieved using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse.GetCallbackArgument(System.String)"/>, which will only return the value
            if it hasn't been tampered with in transit.</para>
            	<para>Since the data set here is sent in the querystring of the request and some
            servers place limits on the size of a request URL, this data should be kept relatively
            small to ensure successful authentication.  About 1.5KB is about all that should be stored.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.SetCallbackArgument(System.String,System.String)">
            <summary>
            Makes a key/value pair available when the authentication is completed.
            </summary>
            <param name="key">The parameter name.</param>
            <param name="value">The value of the argument.  Must not be null.</param>
            <remarks>
            	<para>Note that these values are NOT protected against tampering in transit.  No
            security-sensitive data should be stored using this method.</para>
            	<para>The value stored here can be retrieved using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse.GetCallbackArgument(System.String)"/>.</para>
            	<para>Since the data set here is sent in the querystring of the request and some
            servers place limits on the size of a request URL, this data should be kept relatively
            small to ensure successful authentication.  About 1.5KB is about all that should be stored.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.SetUntrustedCallbackArgument(System.String,System.String)">
            <summary>
            Makes a key/value pair available when the authentication is completed without
            requiring a return_to signature to protect against tampering of the callback argument.
            </summary>
            <param name="key">The parameter name.</param>
            <param name="value">The value of the argument.  Must not be null.</param>
            <remarks>
            	<para>Note that these values are NOT protected against eavesdropping or tampering in transit.  No
            security-sensitive data should be stored using this method. </para>
            	<para>The value stored here can be retrieved using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse.GetCallbackArgument(System.String)"/>.</para>
            	<para>Since the data set here is sent in the querystring of the request and some
            servers place limits on the size of a request URL, this data should be kept relatively
            small to ensure successful authentication.  About 1.5KB is about all that should be stored.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.AddExtension(DotNetOpenAuth.OpenId.Messages.IOpenIdMessageExtension)">
            <summary>
            Adds an OpenID extension to the request directed at the OpenID provider.
            </summary>
            <param name="extension">The initialized extension to add to the request.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.RedirectToProvider">
            <summary>
            Redirects the user agent to the provider for authentication.
            </summary>
            <remarks>
            This method requires an ASP.NET HttpContext.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Create(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty,DotNetOpenAuth.OpenId.Realm,System.Uri,System.Boolean)">
            <summary>
            Performs identifier discovery, creates associations and generates authentication requests
            on-demand for as long as new ones can be generated based on the results of Identifier discovery.
            </summary>
            <param name="userSuppliedIdentifier">The user supplied identifier.</param>
            <param name="relyingParty">The relying party.</param>
            <param name="realm">The realm.</param>
            <param name="returnToUrl">The return_to base URL.</param>
            <param name="createNewAssociationsAsNeeded">if set to <c>true</c>, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.</param>
            <returns>
            A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
            Never null, but may be empty.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.CreateForTest(DotNetOpenAuth.OpenId.IdentifierDiscoveryResult,DotNetOpenAuth.OpenId.Realm,System.Uri,DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty)">
            <summary>
            Creates an instance of <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest"/> FOR TESTING PURPOSES ONLY.
            </summary>
            <param name="discoveryResult">The discovery result.</param>
            <param name="realm">The realm.</param>
            <param name="returnTo">The return to.</param>
            <param name="rp">The relying party.</param>
            <returns>The instantiated <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest"/>.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.CreateRequestMessageTestHook">
            <summary>
            Creates the request message to send to the Provider,
            based on the properties in this instance.
            </summary>
            <returns>The message to send to the Provider.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.CreateInternal(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty,DotNetOpenAuth.OpenId.Realm,System.Uri,System.Collections.Generic.IEnumerable{DotNetOpenAuth.OpenId.IdentifierDiscoveryResult},System.Boolean)">
            <summary>
            Performs deferred request generation for the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Create(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty,DotNetOpenAuth.OpenId.Realm,System.Uri,System.Boolean)"/> method.
            </summary>
            <param name="userSuppliedIdentifier">The user supplied identifier.</param>
            <param name="relyingParty">The relying party.</param>
            <param name="realm">The realm.</param>
            <param name="returnToUrl">The return_to base URL.</param>
            <param name="serviceEndpoints">The discovered service endpoints on the Claimed Identifier.</param>
            <param name="createNewAssociationsAsNeeded">if set to <c>true</c>, associations that do not exist between this Relying Party and the asserting Providers are created before the authentication request is created.</param>
            <returns>
            A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
            Never null, but may be empty.
            </returns>
            <remarks>
            All data validation and cleansing steps must have ALREADY taken place
            before calling this method.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.FilterAndSortEndpoints(System.Collections.Generic.IEnumerable{DotNetOpenAuth.OpenId.IdentifierDiscoveryResult},DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty)">
            <summary>
            Returns a filtered and sorted list of the available OP endpoints for a discovered Identifier.
            </summary>
            <param name="endpoints">The endpoints.</param>
            <param name="relyingParty">The relying party.</param>
            <returns>A filtered and sorted list of endpoints; may be empty if the input was empty or the filter removed all endpoints.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.CreateRequestMessage">
            <summary>
            Creates the request message to send to the Provider,
            based on the properties in this instance.
            </summary>
            <returns>The message to send to the Provider.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.GetAssociation">
            <summary>
            Gets the association to use for this authentication request.
            </summary>
            <returns>The association to use; <c>null</c> to use 'dumb mode'.</returns>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Mode">
            <summary>
            Gets or sets the mode the Provider should use during authentication.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.RedirectingResponse">
            <summary>
            Gets the HTTP response the relying party should send to the user agent
            to redirect it to the OpenID Provider to start the OpenID authentication process.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.ReturnToUrl">
            <summary>
            Gets the URL that the user agent will return to after authentication
            completes or fails at the Provider.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Realm">
            <summary>
            Gets the URL that identifies this consumer web application that
            the Provider will display to the end user.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.ClaimedIdentifier">
            <summary>
            Gets the Claimed Identifier that the User Supplied Identifier
            resolved to.  Null if the user provided an OP Identifier
            (directed identity).
            </summary>
            <value></value>
            <remarks>
            Null is returned if the user is using the directed identity feature
            of OpenID 2.0 to make it nearly impossible for a relying party site
            to improperly store the reserved OpenID URL used for directed identity
            as a user's own Identifier.
            However, to test for the Directed Identity feature, please test the
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.IsDirectedIdentity"/> property rather than testing this
            property for a null value.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.IsDirectedIdentity">
            <summary>
            Gets a value indicating whether the authenticating user has chosen to let the Provider
            determine and send the ClaimedIdentifier after authentication.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.IsExtensionOnly">
            <summary>
            Gets or sets a value indicating whether this request only carries extensions
            and is not a request to verify that the user controls some identifier.
            </summary>
            <value>
            	<c>true</c> if this request is merely a carrier of extensions and is not
            about an OpenID identifier; otherwise, <c>false</c>.
            </value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Provider">
            <summary>
            Gets information about the OpenId Provider, as advertised by the
            OpenId discovery documents found at the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.ClaimedIdentifier"/>
            location.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.DiscoveryResult">
            <summary>
            Gets the discovery result leading to the formulation of this request.
            </summary>
            <value>The discovery result.</value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.AssociationPreference">
            <summary>
            Gets or sets how an association may or should be created or used 
            in the formulation of the authentication request.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.AppliedExtensions">
            <summary>
            Gets the extensions that have been added to the request.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Extensions">
            <summary>
            Gets the list of extensions for this request.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.DuplicateRequestedHostsComparer">
            <summary>
            An authentication request comparer that judges equality solely on the OP endpoint hostname.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.DuplicateRequestedHostsComparer.instance">
            <summary>
            The singleton instance of this comparer.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.DuplicateRequestedHostsComparer.#ctor">
            <summary>
            Prevents a default instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.DuplicateRequestedHostsComparer"/> class from being created.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.DuplicateRequestedHostsComparer.Equals(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest,DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest)">
            <summary>
            Determines whether the specified objects are equal.
            </summary>
            <param name="x">The first object to compare.</param>
            <param name="y">The second object to compare.</param>
            <returns>
            true if the specified objects are equal; otherwise, false.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.DuplicateRequestedHostsComparer.GetHashCode(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest)">
            <summary>
            Returns a hash code for the specified object.
            </summary>
            <param name="obj">The <see cref="T:System.Object"/> for which a hash code is to be returned.</param>
            <returns>A hash code for the specified object.</returns>
            <exception cref="T:System.ArgumentNullException">
            The type of <paramref name="obj"/> is a reference type and <paramref name="obj"/> is null.
            </exception>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.DuplicateRequestedHostsComparer.Instance">
            <summary>
            Gets the singleton instance of this comparer.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse">
            <summary>
            Wraps a negative assertion response in an <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse"/> instance
            for public consumption by the host web site.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.ISetupRequiredAuthenticationResponse">
            <summary>
            An interface to expose useful properties and functionality for handling
            authentication responses that are returned from Immediate authentication
            requests that require a subsequent request to be made in non-immediate mode.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.ISetupRequiredAuthenticationResponse.UserSuppliedIdentifier">
            <summary>
            Gets the <see cref="T:DotNetOpenAuth.OpenId.Identifier"/> to pass to <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(DotNetOpenAuth.OpenId.Identifier)"/>
            in a subsequent authentication attempt.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.response">
            <summary>
            The negative assertion message that was received by the RP that was used
            to create this instance.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.#ctor(DotNetOpenAuth.OpenId.Messages.NegativeAssertionResponse)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse"/> class.
            </summary>
            <param name="response">The negative assertion response received by the Relying Party.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            	<para>This may return any argument on the querystring that came with the authentication response,
            which may include parameters not explicitly added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.</para>
            	<para>Note that these values are NOT protected against tampering in transit.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetUntrustedCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            Callback parameters are only available even if the RP is in stateless mode,
            or the callback parameters are otherwise unverifiable as untampered with.
            Therefore, use this method only when the callback argument is not to be
            used to make a security-sensitive decision.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            	<para>This MAY return any argument on the querystring that came with the authentication response,
            which may include parameters not explicitly added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.</para>
            	<para>Note that these values are NOT protected against tampering in transit.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetUntrustedCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            Callback parameters are only available even if the RP is in stateless mode,
            or the callback parameters are otherwise unverifiable as untampered with.
            Therefore, use this method only when the callback argument is not to be
            used to make a security-sensitive decision.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetUntrustedExtension``1"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetUntrustedExtension(System.Type)"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetUntrustedExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response, without
            requiring it to be signed by the Provider.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetExtension``1"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetUntrustedExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.GetExtension(System.Type)"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.ClaimedIdentifier">
            <summary>
            Gets the Identifier that the end user claims to own.  For use with user database storage and lookup.
            May be null for some failed authentications (i.e. failed directed identity authentications).
            </summary>
            <value></value>
            <remarks>
            	<para>
            This is the secure identifier that should be used for database storage and lookup.
            It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
            user identities against spoofing and other attacks.
            </para>
            	<para>
            For user-friendly identifiers to display, use the
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.FriendlyIdentifierForDisplay"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.FriendlyIdentifierForDisplay">
            <summary>
            Gets a user-friendly OpenID Identifier for display purposes ONLY.
            </summary>
            <value></value>
            <remarks>
            	<para>
            This <i>should</i> be put through <see cref="M:System.Web.HttpUtility.HtmlEncode(System.String)"/> before
            sending to a browser to secure against javascript injection attacks.
            </para>
            	<para>
            This property retains some aspects of the user-supplied identifier that get lost
            in the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.ClaimedIdentifier"/>.  For example, XRIs used as user-supplied
            identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
            For display purposes, such as text on a web page that says "You're logged in as ...",
            this property serves to provide the =Arnott string, or whatever else is the most friendly
            string close to what the user originally typed in.
            </para>
            	<para>
            If the user-supplied identifier is a URI, this property will be the URI after all
            redirects, and with the protocol and fragment trimmed off.
            If the user-supplied identifier is an XRI, this property will be the original XRI.
            If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
            this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
            </para>
            	<para>
            It is <b>very</b> important that this property <i>never</i> be used for database storage
            or lookup to avoid identity spoofing and other security risks.  For database storage
            and lookup please use the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.ClaimedIdentifier"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.Status">
            <summary>
            Gets the detailed success or failure status of the authentication attempt.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.Provider">
            <summary>
            Gets information about the OpenId Provider, as advertised by the
            OpenID discovery documents found at the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.ClaimedIdentifier"/>
            location.
            </summary>
            <value>
            The Provider endpoint that issued the positive assertion;
            or <c>null</c> if information about the Provider is unavailable.
            </value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.Exception">
            <summary>
            Gets the details regarding a failed authentication attempt, if available.
            This will be set if and only if <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.Status"/> is <see cref="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationStatus.Failed"/>.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.NegativeAuthenticationResponse.UserSuppliedIdentifier">
            <summary>
            Gets the <see cref="T:DotNetOpenAuth.OpenId.Identifier"/> to pass to <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(DotNetOpenAuth.OpenId.Identifier)"/>
            in a subsequent authentication attempt.
            </summary>
            <value></value>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse">
            <summary>
            Wraps an extension-only response from the OP in an <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse"/> instance
            for public consumption by the host web site.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.response">
            <summary>
            Backin field for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.Response"/> property.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.provider">
            <summary>
            Information about the OP endpoint that issued this assertion.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.#ctor(DotNetOpenAuth.OpenId.Messages.IndirectSignedResponse)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse"/> class.
            </summary>
            <param name="response">The response message.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            Callback parameters are only available if they are complete and untampered with
            since the original request message (as proven by a signature).
            If the relying party is operating in stateless mode <c>null</c> is always
            returned since the callback arguments could not be signed to protect against
            tampering.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetUntrustedCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            Callback parameters are only available even if the RP is in stateless mode,
            or the callback parameters are otherwise unverifiable as untampered with.
            Therefore, use this method only when the callback argument is not to be
            used to make a security-sensitive decision.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            Callback parameters are only available if they are complete and untampered with
            since the original request message (as proven by a signature).
            If the relying party is operating in stateless mode an empty dictionary is always
            returned since the callback arguments could not be signed to protect against
            tampering.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetUntrustedCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            Callback parameters are only available if they are complete and untampered with
            since the original request message (as proven by a signature).
            If the relying party is operating in stateless mode an empty dictionary is always
            returned since the callback arguments could not be signed to protect against
            tampering.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetUntrustedExtension``1"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetUntrustedExtension(System.Type)"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetUntrustedExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response, without
            requiring it to be signed by the Provider.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetExtension``1"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetUntrustedExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.GetExtension(System.Type)"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.ClaimedIdentifier">
            <summary>
            Gets the Identifier that the end user claims to own.  For use with user database storage and lookup.
            May be null for some failed authentications (i.e. failed directed identity authentications).
            </summary>
            <remarks>
            	<para>
            This is the secure identifier that should be used for database storage and lookup.
            It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
            user identities against spoofing and other attacks.
            </para>
            	<para>
            For user-friendly identifiers to display, use the
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.FriendlyIdentifierForDisplay"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.FriendlyIdentifierForDisplay">
            <summary>
            Gets a user-friendly OpenID Identifier for display purposes ONLY.
            </summary>
            <value></value>
            <remarks>
            	<para>
            This <i>should</i> be put through <see cref="M:System.Web.HttpUtility.HtmlEncode(System.String)"/> before
            sending to a browser to secure against javascript injection attacks.
            </para>
            	<para>
            This property retains some aspects of the user-supplied identifier that get lost
            in the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.ClaimedIdentifier"/>.  For example, XRIs used as user-supplied
            identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
            For display purposes, such as text on a web page that says "You're logged in as ...",
            this property serves to provide the =Arnott string, or whatever else is the most friendly
            string close to what the user originally typed in.
            </para>
            	<para>
            If the user-supplied identifier is a URI, this property will be the URI after all
            redirects, and with the protocol and fragment trimmed off.
            If the user-supplied identifier is an XRI, this property will be the original XRI.
            If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
            this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
            </para>
            	<para>
            It is <b>very</b> important that this property <i>never</i> be used for database storage
            or lookup to avoid identity spoofing and other security risks.  For database storage
            and lookup please use the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.ClaimedIdentifier"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.Status">
            <summary>
            Gets the detailed success or failure status of the authentication attempt.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.Provider">
            <summary>
            Gets information about the OpenId Provider, as advertised by the
            OpenID discovery documents found at the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.ClaimedIdentifier"/>
            location.
            </summary>
            <value>
            The Provider endpoint that issued the positive assertion;
            or <c>null</c> if information about the Provider is unavailable.
            </value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.Exception">
            <summary>
            Gets the details regarding a failed authentication attempt, if available.
            This will be set if and only if <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.Status"/> is <see cref="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationStatus.Failed"/>.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.TrustedCallbackArgumentsAvailable">
            <summary>
            Gets a value indicating whether trusted callback arguments are available.
            </summary>
            <remarks>
            We use this internally to avoid logging a warning during a standard snapshot creation.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAnonymousResponse.Response">
            <summary>
            Gets the positive extension-only message the Relying Party received that this instance wraps.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse">
            <summary>
            Wraps a positive assertion response in an <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse"/> instance
            for public consumption by the host web site.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.#ctor(DotNetOpenAuth.OpenId.Messages.PositiveAssertionResponse,DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse"/> class.
            </summary>
            <param name="response">The positive assertion response that was just received by the Relying Party.</param>
            <param name="relyingParty">The relying party.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.VerifyDiscoveryMatchesAssertion(DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty)">
            <summary>
            Verifies that the positive assertion data matches the results of
            discovery on the Claimed Identifier.
            </summary>
            <param name="relyingParty">The relying party.</param>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">
            Thrown when the Provider is asserting that a user controls an Identifier
            when discovery on that Identifier contradicts what the Provider says.
            This would be an indication of either a misconfigured Provider or
            an attempt by someone to spoof another user's identity with a rogue Provider.
            </exception>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.ClaimedIdentifier">
            <summary>
            Gets the Identifier that the end user claims to own.  For use with user database storage and lookup.
            May be null for some failed authentications (i.e. failed directed identity authentications).
            </summary>
            <value></value>
            <remarks>
            	<para>
            This is the secure identifier that should be used for database storage and lookup.
            It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
            user identities against spoofing and other attacks.
            </para>
            	<para>
            For user-friendly identifiers to display, use the
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.FriendlyIdentifierForDisplay"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.FriendlyIdentifierForDisplay">
            <summary>
            Gets a user-friendly OpenID Identifier for display purposes ONLY.
            </summary>
            <remarks>
            	<para>
            This <i>should</i> be put through <see cref="M:System.Web.HttpUtility.HtmlEncode(System.String)"/> before
            sending to a browser to secure against javascript injection attacks.
            </para>
            	<para>
            This property retains some aspects of the user-supplied identifier that get lost
            in the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.ClaimedIdentifier"/>.  For example, XRIs used as user-supplied
            identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
            For display purposes, such as text on a web page that says "You're logged in as ...",
            this property serves to provide the =Arnott string, or whatever else is the most friendly
            string close to what the user originally typed in.
            </para>
            	<para>
            If the user-supplied identifier is a URI, this property will be the URI after all
            redirects, and with the protocol and fragment trimmed off.
            If the user-supplied identifier is an XRI, this property will be the original XRI.
            If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
            this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
            </para>
            	<para>
            It is <b>very</b> important that this property <i>never</i> be used for database storage
            or lookup to avoid identity spoofing and other security risks.  For database storage
            and lookup please use the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.ClaimedIdentifier"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.Status">
            <summary>
            Gets the detailed success or failure status of the authentication attempt.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.Endpoint">
            <summary>
            Gets the OpenID service endpoint reconstructed from the assertion message.
            </summary>
            <remarks>
            This information is straight from the Provider, and therefore must not
            be trusted until verified as matching the discovery information for
            the claimed identifier to avoid a Provider asserting an Identifier
            for which it has no authority. 
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponse.Response">
            <summary>
            Gets the positive assertion response message.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse">
            <summary>
            Wraps a failed authentication response in an <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse"/> instance
            for public consumption by the host web site.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.#ctor(System.Exception)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse"/> class.
            </summary>
            <param name="exception">The exception that resulted in the failed authentication.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            	<para>This MAY return any argument on the querystring that came with the authentication response,
            which may include parameters not explicitly added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.</para>
            	<para>Note that these values are NOT protected against tampering in transit.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetUntrustedCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            Callback parameters are only available even if the RP is in stateless mode,
            or the callback parameters are otherwise unverifiable as untampered with.
            Therefore, use this method only when the callback argument is not to be
            used to make a security-sensitive decision.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            	<para>This may return any argument on the querystring that came with the authentication response,
            which may include parameters not explicitly added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.</para>
            	<para>Note that these values are NOT protected against tampering in transit.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetUntrustedCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            Callback parameters are only available even if the RP is in stateless mode,
            or the callback parameters are otherwise unverifiable as untampered with.
            Therefore, use this method only when the callback argument is not to be
            used to make a security-sensitive decision.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetUntrustedExtension``1"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetUntrustedExtension(System.Type)"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetUntrustedExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response, without
            requiring it to be signed by the Provider.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetExtension``1"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetUntrustedExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.GetExtension(System.Type)"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.ClaimedIdentifier">
            <summary>
            Gets the Identifier that the end user claims to own.  For use with user database storage and lookup.
            May be null for some failed authentications (i.e. failed directed identity authentications).
            </summary>
            <value></value>
            <remarks>
            	<para>
            This is the secure identifier that should be used for database storage and lookup.
            It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
            user identities against spoofing and other attacks.
            </para>
            	<para>
            For user-friendly identifiers to display, use the
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.FriendlyIdentifierForDisplay"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.FriendlyIdentifierForDisplay">
            <summary>
            Gets a user-friendly OpenID Identifier for display purposes ONLY.
            </summary>
            <value></value>
            <remarks>
            	<para>
            This <i>should</i> be put through <see cref="M:System.Web.HttpUtility.HtmlEncode(System.String)"/> before
            sending to a browser to secure against javascript injection attacks.
            </para>
            	<para>
            This property retains some aspects of the user-supplied identifier that get lost
            in the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.ClaimedIdentifier"/>.  For example, XRIs used as user-supplied
            identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
            For display purposes, such as text on a web page that says "You're logged in as ...",
            this property serves to provide the =Arnott string, or whatever else is the most friendly
            string close to what the user originally typed in.
            </para>
            	<para>
            If the user-supplied identifier is a URI, this property will be the URI after all
            redirects, and with the protocol and fragment trimmed off.
            If the user-supplied identifier is an XRI, this property will be the original XRI.
            If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
            this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
            </para>
            	<para>
            It is <b>very</b> important that this property <i>never</i> be used for database storage
            or lookup to avoid identity spoofing and other security risks.  For database storage
            and lookup please use the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.ClaimedIdentifier"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.Status">
            <summary>
            Gets the detailed success or failure status of the authentication attempt.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.Provider">
            <summary>
            Gets information about the OpenId Provider, as advertised by the
            OpenID discovery documents found at the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.ClaimedIdentifier"/>
            location.
            </summary>
            <value>
            The Provider endpoint that issued the positive assertion;
            or <c>null</c> if information about the Provider is unavailable.
            </value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.Exception">
            <summary>
            Gets the details regarding a failed authentication attempt, if available.
            This will be set if and only if <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse.Status"/> is <see cref="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationStatus.Failed"/>.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.ISetupRequiredAuthenticationResponseContract">
            <summary>
            Code contract class for the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.ISetupRequiredAuthenticationResponse"/> type.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.ISetupRequiredAuthenticationResponseContract.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.ISetupRequiredAuthenticationResponseContract"/> class.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.ISetupRequiredAuthenticationResponseContract.DotNetOpenAuth#OpenId#RelyingParty#ISetupRequiredAuthenticationResponse#UserSuppliedIdentifier">
            <summary>
            Gets the <see cref="T:DotNetOpenAuth.OpenId.Identifier"/> to pass to <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(DotNetOpenAuth.OpenId.Identifier)"/>
            in a subsequent authentication attempt.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.EndpointSelector">
            <summary>
            A delegate that decides whether a given OpenID Provider endpoint may be
            considered for authenticating a user.
            </summary>
            <param name="endpoint">The endpoint for consideration.</param>
            <returns>
            <c>True</c> if the endpoint should be considered.  
            <c>False</c> to remove it from the pool of acceptable providers.
            </returns>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty">
            <summary>
            Provides the programmatic facilities to act as an OpenID relying party.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ApplicationStoreKey">
            <summary>
            The name of the key to use in the HttpApplication cache to store the
            instance of <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore"/> to use.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.behaviors">
            <summary>
            Backing store for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Behaviors"/> property.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.discoveryServices">
            <summary>
            The discovery services to use for identifiers.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.nonVerifyingRelyingParty">
            <summary>
            Backing field for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.NonVerifyingRelyingParty"/> property.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.nonVerifyingRelyingPartyInitLock">
            <summary>
            The lock to obtain when initializing the <see cref="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.nonVerifyingRelyingParty"/> member.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.clientScriptExtensions">
            <summary>
            A dictionary of extension response types and the javascript member 
            name to map them to on the user agent.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.securitySettings">
            <summary>
            Backing field for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.SecuritySettings"/> property.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.endpointOrder">
            <summary>
            Backing store for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.EndpointOrder"/> property.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.channel">
            <summary>
            Backing field for the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Channel"/> property.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.#ctor(DotNetOpenAuth.OpenId.IOpenIdApplicationStore)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty"/> class.
            </summary>
            <param name="applicationStore">The application store.  If <c>null</c>, the relying party will always operate in "stateless/dumb mode".</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.#ctor(DotNetOpenAuth.Messaging.Bindings.ICryptoKeyStore,DotNetOpenAuth.Messaging.Bindings.INonceStore)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty"/> class.
            </summary>
            <param name="cryptoKeyStore">The association store.  If <c>null</c>, the relying party will always operate in "stateless/dumb mode".</param>
            <param name="nonceStore">The nonce store to use.  If <c>null</c>, the relying party will always operate in "stateless/dumb mode".</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.OpenId.Realm,System.Uri)">
            <summary>
            Creates an authentication request to verify that a user controls
            some given Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <param name="realm">
            The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.
            </param>
            <param name="returnToUrl">
            The URL of the login page, or the page prepared to receive authentication 
            responses from the OpenID Provider.
            </param>
            <returns>
            An authentication request object to customize the request and generate
            an object to send to the user agent to initiate the authentication.
            </returns>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if no OpenID endpoint could be found.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.OpenId.Realm)">
            <summary>
            Creates an authentication request to verify that a user controls
            some given Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <param name="realm">
            The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.
            </param>
            <returns>
            An authentication request object that describes the HTTP response to
            send to the user agent to initiate the authentication.
            </returns>
            <remarks>
            <para>Requires an <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> context.</para>
            </remarks>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if no OpenID endpoint could be found.</exception>
            <exception cref="T:System.InvalidOperationException">Thrown if <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> == <c>null</c>.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(DotNetOpenAuth.OpenId.Identifier)">
            <summary>
            Creates an authentication request to verify that a user controls
            some given Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <returns>
            An authentication request object that describes the HTTP response to
            send to the user agent to initiate the authentication.
            </returns>
            <remarks>
            <para>Requires an <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> context.</para>
            </remarks>
            <exception cref="T:DotNetOpenAuth.Messaging.ProtocolException">Thrown if no OpenID endpoint could be found.</exception>
            <exception cref="T:System.InvalidOperationException">Thrown if <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> == <c>null</c>.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequests(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.OpenId.Realm,System.Uri)">
            <summary>
            Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <param name="realm">
            The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.
            </param>
            <param name="returnToUrl">
            The URL of the login page, or the page prepared to receive authentication 
            responses from the OpenID Provider.
            </param>
            <returns>
            A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
            Never null, but may be empty.
            </returns>
            <remarks>
            <para>Any individual generated request can satisfy the authentication.  
            The generated requests are sorted in preferred order.
            Each request is generated as it is enumerated to.  Associations are created only as
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.RedirectingResponse"/> is called.</para>
            <para>No exception is thrown if no OpenID endpoints were discovered.  
            An empty enumerable is returned instead.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequests(DotNetOpenAuth.OpenId.Identifier,DotNetOpenAuth.OpenId.Realm)">
            <summary>
            Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <param name="realm">
            The shorest URL that describes this relying party web site's address.
            For example, if your login page is found at https://www.example.com/login.aspx,
            your realm would typically be https://www.example.com/.
            </param>
            <returns>
            A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
            Never null, but may be empty.
            </returns>
            <remarks>
            <para>Any individual generated request can satisfy the authentication.  
            The generated requests are sorted in preferred order.
            Each request is generated as it is enumerated to.  Associations are created only as
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.RedirectingResponse"/> is called.</para>
            <para>No exception is thrown if no OpenID endpoints were discovered.  
            An empty enumerable is returned instead.</para>
            <para>Requires an <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> context.</para>
            </remarks>
            <exception cref="T:System.InvalidOperationException">Thrown if <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> == <c>null</c>.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequests(DotNetOpenAuth.OpenId.Identifier)">
            <summary>
            Generates the authentication requests that can satisfy the requirements of some OpenID Identifier.
            </summary>
            <param name="userSuppliedIdentifier">
            The Identifier supplied by the user.  This may be a URL, an XRI or i-name.
            </param>
            <returns>
            A sequence of authentication requests, any of which constitutes a valid identity assertion on the Claimed Identifier.
            Never null, but may be empty.
            </returns>
            <remarks>
            <para>Any individual generated request can satisfy the authentication.  
            The generated requests are sorted in preferred order.
            Each request is generated as it is enumerated to.  Associations are created only as
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.RedirectingResponse"/> is called.</para>
            <para>No exception is thrown if no OpenID endpoints were discovered.  
            An empty enumerable is returned instead.</para>
            <para>Requires an <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> context.</para>
            </remarks>
            <exception cref="T:System.InvalidOperationException">Thrown if <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> == <c>null</c>.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse">
            <summary>
            Gets an authentication response from a Provider.
            </summary>
            <returns>The processed authentication response if there is any; <c>null</c> otherwise.</returns>
            <remarks>
            <para>Requires an <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> context.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(System.Web.HttpRequestBase)">
            <summary>
            Gets an authentication response from a Provider.
            </summary>
            <param name="httpRequestInfo">The HTTP request that may be carrying an authentication response from the Provider.</param>
            <returns>The processed authentication response if there is any; <c>null</c> otherwise.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ProcessResponseFromPopup">
            <summary>
            Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
            </summary>
            <returns>The HTTP response to send to this HTTP request.</returns>
            <remarks>
            <para>Requires an <see cref="P:System.Web.HttpContext.Current">HttpContext.Current</see> context.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ProcessResponseFromPopup(System.Web.HttpRequestBase)">
            <summary>
            Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
            </summary>
            <param name="request">The incoming HTTP request that is expected to carry an OpenID authentication response.</param>
            <returns>The HTTP response to send to this HTTP request.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.RegisterClientScriptExtension``1(System.String)">
            <summary>
            Allows an OpenID extension to read data out of an unverified positive authentication assertion
            and send it down to the client browser so that Javascript running on the page can perform
            some preprocessing on the extension data.
            </summary>
            <typeparam name="T">The extension <i>response</i> type that will read data from the assertion.</typeparam>
            <param name="propertyName">The property name on the openid_identifier input box object that will be used to store the extension data.  For example: sreg</param>
            <remarks>
            This method should be called before <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ProcessResponseFromPopup"/>.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Dispose">
            <summary>
            Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.IsOpenIdSupportingParameter(System.String)">
            <summary>
            Determines whether some parameter name belongs to OpenID or this library
            as a protocol or internal parameter name.
            </summary>
            <param name="parameterName">Name of the parameter.</param>
            <returns>
            	<c>true</c> if the named parameter is a library- or protocol-specific parameter; otherwise, <c>false</c>.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateNonVerifying">
            <summary>
            Creates a relying party that does not verify incoming messages against
            nonce or association stores.  
            </summary>
            <returns>The instantiated <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty"/>.</returns>
            <remarks>
            Useful for previewing messages while
            allowing them to be fully processed and verified later.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ProcessResponseFromPopup(System.Web.HttpRequestBase,System.Action{DotNetOpenAuth.OpenId.RelyingParty.AuthenticationStatus})">
            <summary>
            Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
            </summary>
            <param name="request">The incoming HTTP request that is expected to carry an OpenID authentication response.</param>
            <param name="callback">The callback fired after the response status has been determined but before the Javascript response is formulated.</param>
            <returns>
            The HTTP response to send to this HTTP request.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Discover(DotNetOpenAuth.OpenId.Identifier)">
            <summary>
            Performs discovery on the specified identifier.
            </summary>
            <param name="identifier">The identifier to discover services for.</param>
            <returns>A non-null sequence of services discovered for the identifier.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.FilterEndpoint(DotNetOpenAuth.OpenId.RelyingParty.IProviderEndpoint)">
            <summary>
            Checks whether a given OP Endpoint is permitted by the host relying party.
            </summary>
            <param name="endpoint">The OP endpoint.</param>
            <returns><c>true</c> if the OP Endpoint is allowed; <c>false</c> otherwise.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Dispose(System.Boolean)">
            <summary>
            Releases unmanaged and - optionally - managed resources
            </summary>
            <param name="disposing"><c>true</c> to release both managed and unmanaged resources; <c>false</c> to release only unmanaged resources.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.InvokeParentPageScript(System.String)">
            <summary>
            Invokes a method on a parent frame or window and closes the calling popup window if applicable.
            </summary>
            <param name="methodCall">The method to call on the parent window, including
            parameters.  (i.e. "callback('arg1', 2)").  No escaping is done by this method.</param>
            <returns>The entire HTTP response to send to the popup window or iframe to perform the invocation.</returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.OnBehaviorsChanged(System.Object,System.Collections.Specialized.NotifyCollectionChangedEventArgs)">
            <summary>
            Called by derived classes when behaviors are added or removed.
            </summary>
            <param name="sender">The collection being modified.</param>
            <param name="e">The <see cref="T:System.Collections.Specialized.NotifyCollectionChangedEventArgs"/> instance containing the event data.</param>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.DefaultEndpointOrder">
            <summary>
            Gets an XRDS sorting routine that uses the XRDS Service/@Priority 
            attribute to determine order.
            </summary>
            <remarks>
            Endpoints lacking any priority value are sorted to the end of the list.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.HttpApplicationStore">
            <summary>
            Gets the standard state storage mechanism that uses ASP.NET's
            HttpApplication state dictionary to store associations and nonces.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Channel">
            <summary>
            Gets or sets the channel to use for sending/receiving messages.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.SecuritySettings">
            <summary>
            Gets the security settings used by this Relying Party.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.DotNetOpenAuth#OpenId#IOpenIdHost#SecuritySettings">
            <summary>
            Gets the security settings.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.EndpointFilter">
            <summary>
            Gets or sets the optional Provider Endpoint filter to use.
            </summary>
            <remarks>
            Provides a way to optionally filter the providers that may be used in authenticating a user.
            If provided, the delegate should return true to accept an endpoint, and false to reject it.
            If null, all identity providers will be accepted.  This is the default.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.EndpointOrder">
            <summary>
            Gets or sets the ordering routine that will determine which XRDS 
            Service element to try first 
            </summary>
            <value>Default is <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.DefaultEndpointOrder"/>.</value>
            <remarks>
            This may never be null.  To reset to default behavior this property 
            can be set to the value of <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.DefaultEndpointOrder"/>.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.ExtensionFactories">
            <summary>
            Gets the extension factories.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Behaviors">
            <summary>
            Gets a list of custom behaviors to apply to OpenID actions.
            </summary>
            <remarks>
            Adding behaviors can impact the security settings of this <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty"/>
            instance in ways that subsequently removing the behaviors will not reverse.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.DiscoveryServices">
            <summary>
            Gets the list of services that can perform discovery on identifiers given to this relying party.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.DotNetOpenAuth#OpenId#IOpenIdHost#WebRequestHandler">
            <summary>
            Gets the web request handler to use for discovery and the part of
            authentication where direct messages are sent to an untrusted remote party.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CanSignCallbackArguments">
            <summary>
            Gets a value indicating whether this Relying Party can sign its return_to
            parameter in outgoing authentication requests.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.WebRequestHandler">
            <summary>
            Gets the web request handler to use for discovery and the part of
            authentication where direct messages are sent to an untrusted remote party.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.AssociationManager">
            <summary>
            Gets the association manager.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.NonVerifyingRelyingParty">
            <summary>
            Gets the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty"/> instance used to process authentication responses
            without verifying the assertion or consuming nonces.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot">
            <summary>
            A serializable snapshot of a verified authentication message.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.callbackArguments">
            <summary>
            The callback arguments that came with the authentication response.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.untrustedCallbackArguments">
            <summary>
            The untrusted callback arguments that came with the authentication response.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.#ctor(DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationResponse)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot"/> class.
            </summary>
            <param name="copyFrom">The authentication response to copy from.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetUntrustedExtension``1"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned only if the Provider signed them.
            Relying parties that do not care if the values were modified in
            transit should use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetUntrustedExtension(System.Type)"/> method
            in order to allow the Provider to not sign the extension. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetUntrustedExtension``1">
            <summary>
            Tries to get an OpenID extension that may be present in the response, without
            requiring it to be signed by the Provider.
            </summary>
            <typeparam name="T">The type of extension to look for in the response message.</typeparam>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetExtension``1"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetUntrustedExtension(System.Type)">
            <summary>
            Tries to get an OpenID extension that may be present in the response.
            </summary>
            <param name="extensionType">Type of the extension to look for in the response.</param>
            <returns>
            The extension, if it is found.  Null otherwise.
            </returns>
            <remarks>
            	<para>Extensions are returned whether they are signed or not.
            Use the <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetExtension(System.Type)"/> method to retrieve
            extension responses only if they are signed by the Provider to
            protect against tampering. </para>
            	<para>Unsigned extensions are completely unreliable and should be
            used only to prefill user forms since the user or any other third
            party may have tampered with the data carried by the extension.</para>
            	<para>Signed extensions are only reliable if the relying party
            trusts the OpenID Provider that signed them.  Signing does not mean
            the relying party can trust the values -- it only means that the values
            have not been tampered with since the Provider sent the message.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            	<para>This MAY return any argument on the querystring that came with the authentication response,
            which may include parameters not explicitly added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.</para>
            	<para>Note that these values are NOT protected against tampering in transit.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetUntrustedCallbackArguments">
            <summary>
            Gets all the callback arguments that were previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/> or as a natural part
            of the return_to URL.
            </summary>
            <returns>A name-value dictionary.  Never null.</returns>
            <remarks>
            Callback parameters are only available even if the RP is in stateless mode,
            or the callback parameters are otherwise unverifiable as untampered with.
            Therefore, use this method only when the callback argument is not to be
            used to make a security-sensitive decision.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            	<para>This may return any argument on the querystring that came with the authentication response,
            which may include parameters not explicitly added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.</para>
            	<para>Note that these values are NOT protected against tampering in transit.</para>
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.GetUntrustedCallbackArgument(System.String)">
            <summary>
            Gets a callback argument's value that was previously added using
            <see cref="M:DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.AddCallbackArguments(System.String,System.String)"/>.
            </summary>
            <param name="key">The name of the parameter whose value is sought.</param>
            <returns>
            The value of the argument, or null if the named parameter could not be found.
            </returns>
            <remarks>
            Callback parameters are only available even if the RP is in stateless mode,
            or the callback parameters are otherwise unverifiable as untampered with.
            Therefore, use this method only when the callback argument is not to be
            used to make a security-sensitive decision.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.ClaimedIdentifier">
            <summary>
            Gets the Identifier that the end user claims to own.  For use with user database storage and lookup.
            May be null for some failed authentications (i.e. failed directed identity authentications).
            </summary>
            <value></value>
            <remarks>
            	<para>
            This is the secure identifier that should be used for database storage and lookup.
            It is not always friendly (i.e. =Arnott becomes =!9B72.7DD1.50A9.5CCD), but it protects
            user identities against spoofing and other attacks.
            </para>
            	<para>
            For user-friendly identifiers to display, use the
            <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.FriendlyIdentifierForDisplay"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.FriendlyIdentifierForDisplay">
            <summary>
            Gets a user-friendly OpenID Identifier for display purposes ONLY.
            </summary>
            <value></value>
            <remarks>
            	<para>
            This <i>should</i> be put through <see cref="M:System.Web.HttpUtility.HtmlEncode(System.String)"/> before
            sending to a browser to secure against javascript injection attacks.
            </para>
            	<para>
            This property retains some aspects of the user-supplied identifier that get lost
            in the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.ClaimedIdentifier"/>.  For example, XRIs used as user-supplied
            identifiers (i.e. =Arnott) become unfriendly unique strings (i.e. =!9B72.7DD1.50A9.5CCD).
            For display purposes, such as text on a web page that says "You're logged in as ...",
            this property serves to provide the =Arnott string, or whatever else is the most friendly
            string close to what the user originally typed in.
            </para>
            	<para>
            If the user-supplied identifier is a URI, this property will be the URI after all
            redirects, and with the protocol and fragment trimmed off.
            If the user-supplied identifier is an XRI, this property will be the original XRI.
            If the user-supplied identifier is an OpenID Provider identifier (i.e. yahoo.com),
            this property will be the Claimed Identifier, with the protocol stripped if it is a URI.
            </para>
            	<para>
            It is <b>very</b> important that this property <i>never</i> be used for database storage
            or lookup to avoid identity spoofing and other security risks.  For database storage
            and lookup please use the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.ClaimedIdentifier"/> property.
            </para>
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.Status">
            <summary>
            Gets the detailed success or failure status of the authentication attempt.
            </summary>
            <value></value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.Provider">
            <summary>
            Gets information about the OpenId Provider, as advertised by the
            OpenID discovery documents found at the <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.ClaimedIdentifier"/>
            location.
            </summary>
            <value>
            The Provider endpoint that issued the positive assertion;
            or <c>null</c> if information about the Provider is unavailable.
            </value>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.Exception">
            <summary>
            Gets the details regarding a failed authentication attempt, if available.
            This will be set if and only if <see cref="P:DotNetOpenAuth.OpenId.RelyingParty.PositiveAuthenticationResponseSnapshot.Status"/> is <see cref="F:DotNetOpenAuth.OpenId.RelyingParty.AuthenticationStatus.Failed"/>.
            </summary>
            <value></value>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.SimpleXrdsProviderEndpoint">
            <summary>
            A very simple IXrdsProviderEndpoint implementation for verifying that all positive
            assertions (particularly unsolicited ones) are received from OP endpoints that
            are deemed permissible by the host RP.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.SimpleXrdsProviderEndpoint.#ctor(DotNetOpenAuth.OpenId.Messages.PositiveAssertionResponse)">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.SimpleXrdsProviderEndpoint"/> class.
            </summary>
            <param name="positiveAssertion">The positive assertion.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.SimpleXrdsProviderEndpoint.DotNetOpenAuth#OpenId#RelyingParty#IProviderEndpoint#IsExtensionSupported``1">
            <summary>
            Checks whether the OpenId Identifier claims support for a given extension.
            </summary>
            <typeparam name="T">The extension whose support is being queried.</typeparam>
            <returns>
            True if support for the extension is advertised.  False otherwise.
            </returns>
            <remarks>
            Note that a true or false return value is no guarantee of a Provider's
            support for or lack of support for an extension.  The return value is
            determined by how the authenticating user filled out his/her XRDS document only.
            The only way to be sure of support for a given extension is to include
            the extension in the request and see if a response comes back for that extension.
            </remarks>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.SimpleXrdsProviderEndpoint.DotNetOpenAuth#OpenId#RelyingParty#IProviderEndpoint#IsExtensionSupported(System.Type)">
            <summary>
            Checks whether the OpenId Identifier claims support for a given extension.
            </summary>
            <param name="extensionType">The extension whose support is being queried.</param>
            <returns>
            True if support for the extension is advertised.  False otherwise.
            </returns>
            <remarks>
            Note that a true or false return value is no guarantee of a Provider's
            support for or lack of support for an extension.  The return value is
            determined by how the authenticating user filled out his/her XRDS document only.
            The only way to be sure of support for a given extension is to include
            the extension in the request and see if a response comes back for that extension.
            </remarks>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.SimpleXrdsProviderEndpoint.Version">
            <summary>
            Gets the detected version of OpenID implemented by the Provider.
            </summary>
        </member>
        <member name="P:DotNetOpenAuth.OpenId.RelyingParty.SimpleXrdsProviderEndpoint.Uri">
            <summary>
            Gets the URL that the OpenID Provider receives authentication requests at.
            </summary>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore">
            <summary>
            An in-memory store for Relying Parties, suitable for single server, single process
            ASP.NET web sites.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.nonceStore">
            <summary>
            The nonce store to use.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.keyStore">
            <summary>
            The association store to use.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.#ctor">
            <summary>
            Initializes a new instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore"/> class.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.GetKey(System.String,System.String)">
            <summary>
            Gets the key in a given bucket and handle.
            </summary>
            <param name="bucket">The bucket name.  Case sensitive.</param>
            <param name="handle">The key handle.  Case sensitive.</param>
            <returns>
            The cryptographic key, or <c>null</c> if no matching key was found.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.GetKeys(System.String)">
            <summary>
            Gets a sequence of existing keys within a given bucket.
            </summary>
            <param name="bucket">The bucket name.  Case sensitive.</param>
            <returns>
            A sequence of handles and keys, ordered by descending <see cref="P:DotNetOpenAuth.Messaging.Bindings.CryptoKey.ExpiresUtc"/>.
            </returns>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.StoreKey(System.String,System.String,DotNetOpenAuth.Messaging.Bindings.CryptoKey)">
            <summary>
            Stores a cryptographic key.
            </summary>
            <param name="bucket">The name of the bucket to store the key in.  Case sensitive.</param>
            <param name="handle">The handle to the key, unique within the bucket.  Case sensitive.</param>
            <param name="key">The key to store.</param>
            <exception cref="T:DotNetOpenAuth.Messaging.Bindings.CryptoKeyCollisionException">Thrown in the event of a conflict with an existing key in the same bucket and with the same handle.</exception>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.RemoveKey(System.String,System.String)">
            <summary>
            Removes the key.
            </summary>
            <param name="bucket">The bucket name.  Case sensitive.</param>
            <param name="handle">The key handle.  Case sensitive.</param>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.StandardRelyingPartyApplicationStore.StoreNonce(System.String,System.String,System.DateTime)">
            <summary>
            Stores a given nonce and timestamp.
            </summary>
            <param name="context">The context, or namespace, within which the <paramref name="nonce"/> must be unique.</param>
            <param name="nonce">A series of random characters.</param>
            <param name="timestampUtc">The timestamp that together with the nonce string make it unique.
            The timestamp may also be used by the data store to clear out old nonces.</param>
            <returns>
            True if the nonce+timestamp (combination) was not previously in the database.
            False if the nonce was stored previously with the same timestamp.
            </returns>
            <remarks>
            The nonce must be stored for no less than the maximum time window a message may
            be processed within before being discarded as an expired message.
            If the binding element is applicable to your channel, this expiration window
            is retrieved or set using the
            <see cref="P:DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement.MaximumMessageAge"/> property.
            </remarks>
        </member>
        <member name="T:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders">
            <summary>
            Common OpenID Provider Identifiers.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders.Yahoo">
            <summary>
            The Yahoo OP Identifier.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders.Google">
            <summary>
            The Google OP Identifier.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders.MyOpenId">
            <summary>
            The MyOpenID OP Identifier.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders.Verisign">
            <summary>
            The Verisign OP Identifier.
            </summary>
        </member>
        <member name="F:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders.MyVidoop">
            <summary>
            The MyVidoop OP Identifier.
            </summary>
        </member>
        <member name="M:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders.#ctor">
            <summary>
            Prevents a default instance of the <see cref="T:DotNetOpenAuth.OpenId.RelyingParty.WellKnownProviders"/> class from being created.
            </summary>
        </member>
    </members>
</doc>
